Multi-Factor Authentication Information

What is Multi-Factor Authentication (MFA)?

Multi-Factor Authentication is a method for adding additional security to your St. Lawrence accounts.  Multi-Factor Authentication combines something you know, your SLU password, with something you have, for example, a unique code sent to the Microsoft Authenticator app, your cell phone, or your personal email address.  This extra verification step helps keep your SLU account secure and prevents a hacker from signing into your account should your password become compromised.  St. Lawrence will be rolling out MFA to all our websites and services over the coming months.

If you are having an issue or need assistance with Multi-Factor Authentication, you can put in a service request here.

What will change for me?

When signing into a SLU website or resource that has MFA enabled after you type in your password, you will be required to verify your identity in one of three ways:
 

• Approve the sign-in request using the Microsoft Authenticator app.
• Enter a numeric code that will be sent to your cell phone via text message.
• Enter a numeric code that will be sent to your personal email account on file.

Once you have done one of these three options, you will be signed into the website as normal. Additionally, you can check the box that says "Remember this device for 90 days", and you will not be prompted for MFA for 90 days, provided you continue to use the same device and web browser.

 

How can I prepare for MFA to be activated?

In order to sign in to a website or app that requires MFA, you must ensure at least two of the three options listed above are available. To do this, you will need to verify that your cell phone number and personal email address are registered properly. Additionally, we ask that you download the Microsoft Authenticator app as well.
 

• Step 1: Register or confirm that your cell phone number and personal email address are listed correctly in our system.
• Step 2: Set up the Microsoft Authenticator app on your smartphone.

Please note, the cell phone and personal email address listed must be accessible by you and only you. Additionally, email addresses from other institutions such as High Schools should not be used. If you do not have a personal email address, you will need to create one. Microsoft recommends Gmail as a personal email provider.

 

How can I test that my MFA methods are working properly?

Once you have verified your identification information and/or set up the Microsoft Authenticator app, you can visit the website below and test that you are able to sign in to websites with MFA enabled. If you see the text that reads "You've logged in successfully", you are all set to use MFA:

https://checkmfa.stlawu.edu/

Frequently Asked Questions:

• Why is St. Lawrence using MFA?

  • MFA is a recommended security best practice that will make it harder for cyber criminals to gain access to SLU resources in the event that a user’s password is compromised.  This initiative is highly recommended by our cyber security consultants and insurance provider.

• Who is required to use MFA?

  • Everyone with a St. Lawrence Account will be required to use MFA to access technology resources at SLU.  Initially, this will only impact Microsoft 365 Applications but we will configure the rest of our applications and services to use MFA over the coming months. We will send periodic updates to highlight when critical systems will begin requiring MFA

• How does MFA work?

  • When logging in to SLU resources, you will be prompted to verify your identity via the Microsoft Authenticator app or other registered verification information (Cell/Alternative Email.)  You will be prompted to authenticate on each individual device/browser as infrequently as every 90 days.

    Note: Specific applications requiring a higher level of security, such as VPN and Remote Apps, will require MFA verification every time you log in.

• What systems and applications will require MFA?

  • Eventually, all SLU systems will require MFA.  We are starting with Microsoft 365 and will add other systems over the next several months.

• How will this change affect me?

  • Each new device and/or browser will need to be authenticated at least every 90 days.  Some examples of different devices would be: your laptop, phone, classroom computer, residence hall lounge computer, open kiosk somewhere or even your home computer will all need to authenticate when connecting to Microsoft 365 applications.

• Why do so many people choose the authenticator app for MFA Authentication?

  • This is the easiest end-user experience and has the benefit of working on both Wi-Fi and cellular connections.

• What is a personal email address?

  • An email address not associated with a job, organization, or school (examples: Gmail, Microsoft, iCloud)

• What if I don't have a personal email address?

  • Get one – your SLU email address and accounts should not to be used for personal business such as banking, shopping, social media, etc.

• What if I don't have a personal device to use for MFA?

  • Contact Information Technology to discuss other authentication options if you do not have a personal device to use for MFA.

• Will the Authenticator App use my mobile data?

  • If not connected to Wi-Fi, the authenticator app will use a negligible amount of mobile data.

• What if I use a different authenticator app?

  • We recommend that you use the Microsoft Authenticator App.  Other apps may work but they are not supported by Information Technology.

• Who should I contact if I have trouble?

  • Call the IT Help Desk at 315-229-5770 or submit a service request here.

Quick Links:

• Microsoft Identity Verification Page.
• Instructions for how to verify your personal email and cell phone number.
• Microsoft Authenticator App on the Google Play Store.
• Microsoft Authenticator App on the App Store.
• Instructions for how to set up the Microsoft Authenticator App.